Senior Enterprise Security Architect – Azure Cloud & Data Center

About The Position

Requirements

• 10+ years of experience in Enterprise Security Architecture, with strong domain expertise in Azure and Data Center platforms.
• Proven leadership in security strategy development, architectural governance, and roadmap execution.
• Deep understanding of security controls, frameworks, and regulations (e.g., NIST, ISO, CIS Benchmarks, SOC 2, HIPAA, PCI).
• Strong hands-on experience with: Azure security services (e.g., Defender, Sentinel, Key Vault, PIM, etc.) DevSecOps toolchains (e.g., Terraform, Ansible, Snyk, Veracode, Aqua, etc.)
• Ability to independently prioritize, triage, and execute platform-level risk remediation efforts.
• Experience collaborating with cross-functional teams including product security, engineering, IT, compliance, and executive leadership.
• Microsoft Certified: Azure Solutions Architect Expert
• CISSP, SABSA, or GIAC Enterprise Security Architect (GSEA)
• Certified Cloud Security Professional (CCSP)

Responsibilities

• Develop and drive a holistic Platform Security Strategy for Azure Cloud and Data Center environments.
• Lead roadmap planning and long-term security initiatives to improve architectural resilience and risk reduction.
• Define governance architecture for cloud and datacenter platform security, ensuring scalable and secure system design.
• Collaborate with Product Security to align platform controls with product security requirements.
• Perform Security Architecture reviews for all platform related changes including to support product development, SECDEVOPS, platform enhancements, etc.
• Define and lead DevSecOps strategies, embedding platform security throughout the product development lifecycle across all platforms.
• Drive adoption of security automation, secure coding practices, and CI/CD pipeline integration.
• Lead architecture and design reviews, threat modeling exercises, and platform security assessments across the enterprise.
• Establish and enforce platform-level threat modeling standards and processes.
• Define, document, and manage security control frameworks for platform technologies.
• Ensure alignment and integration of controls across all security domains (IAM, network, data, compute, etc.).
• Drive tooling strategy and define configuration requirements for all platform security tooling, including TVM scanning, container scanning, IaaS scanning, policy enforcement, secrets management.
• Define firewall configuration requirements.
• Develop and promote secure architecture design patterns and reusable components to improve consistency and reduce development time.
• Monitor platform-level security posture and prioritize remediation of identified risks.
• Perform risk assessments across all security domains to identify baseline gaps.
• Establish and maintain vulnerability remediation guidelines and SLAs across platform teams.
• Champion a culture of security through training, enablement programs, and platform team coaching.
• Lead or support Root Cause Analysis (RCA) during platform-related incidents and participate in escalation and response efforts.
• Serve as the primary security architecture and platform security point of contact for the Managed Detection and Response (MDR) provider, overseeing the relationship and ensuring alignment with enterprise platform security requirements.
• Ensure security findings, alerts, and recommendations identified by the MDR provider are appropriately triaged, tracked, and actioned by internal platform and operations teams in accordance with defined SLAs.
• Spearhead the development and maturation of the Threat Intelligence program in partnership with the MDR provider and internal stakeholders, ensuring threat intelligence outputs are actionable and inform platform security architecture, threat modeling, and risk prioritization.
• Conduct technical risk assessments across legacy core security domains and functions: Cyber Security Architecture & Engineering Cyber Threat Operations & Security Operations Identity & Access Management (IAM) Threat & Vulnerability Management (TVM) Security Operations (security tooling, configuration, monitoring)
• Develop and implement: Hardening standards for cloud and datacenter platforms Controls and baselines across the full technology stack Reporting and oversight mechanisms to provide visibility into platform security posture

Benefits

• 401K plan w/ 6% company match (vests immediately)
• Flex-Time off + sick time
• 10 company holidays
• Full suite of health benefits (Medical, Dental, Vision)– employee only coverage covered at 100% (no employee cost). For employees + dependents, Concord covers 60% of premiums.
• Voluntary insurance options: Pet insurance Employee Life and AD&D Spousal Life and AD&D Child Life and AD&D
• Paid Parental Leave program
• Free unlimited ORCA card (Seattle area residents)
• Employee Rewards and Recognition through NectarHR
• Unlimited access to Udemy for Business